Changes between Version 104 and Version 105 of flukes

Show
Ignore:
Timestamp:
06/24/13 09:07:43 (6 years ago)
Author:
ibaldin (IP: 152.54.9.21)
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • flukes

    v104 v105  
    238238This section explains how to use these credentials with Flukes. It presumes you have one of the credentials described above.  
    239239 
    240 There are two ways in which these credentials can be used. The first is simpler, and the second is more flexible. 
     240There are two ways in which these credentials can be used. The first is simpler, and the second is more flexible. The first way is most familiar to users coming from Emulab/Planetlab/InstaGENI Flack environment, and involves using a single identity credential supplied in the form of a combination of .key and .pem/.crt files. Flukes accepts these types of credentials, but if multiple identities need to be used, Flukes must be stopped, reconfigured and restarted. The second way relies on constructing a Java Key Store (JKS) out of one or more credentials issued to the experimenter (multiple identity credentials). Flukes can then use this keystore and the experimenter can choose which identity to use at run time. 
    241241 
    242242Before we describe either, a quick note regarding the storage of the various files (.key, .pem, .p12, .jks) referenced in these procedures: since these files represent secrets belonging to you, it is best to store them in a single directory (e.g. $HOME/.ssl) that only you are allowed to read and write. 
     
    315315When you submit a request through Flukes, it will ask you for the key alias and password. You should use the alias you assigned to this new key and the password used for keystore and keys. Note that you can have multiple key/certificate pairs under different aliases within the same keystore (e.g. one from GPO and one from BEN).  
    316316 
     317== Flukes on Windows == 
     318 
     319Windows poses some challenges for Java applications (like Flukes), primarily from the perspective of specifying paths. In Java properties files, the "\" character, which is used as a path separator in Windows, is treated as an "escape" character (which means that it has special properties for changing the meaning of a single character immediately following it). The resolution to this issue is to use the "/" character for any path specified in a Java properties file on Windows, rather than "\". For example, "C:\Users\Exampleuser" would be written as "C:/Users/Exampleuser" instead. 
     320 
     321Another issue on Windows is a long-standing Java bug with the discovery of the user's home directory; the bug itself is described here: [http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4787931]. Flukes provides the convenience of using the Unix convention of specifying a path that is rooted in the user's home directory by beginning the path with "~/". This can cause Flukes to run into this Java bug. If this problem is encountered, it can be worked around by specifying the full path to files, rather than relying on the "~/" convention; for example, "user.keystore=~/.ssl/user.jks" would become "user.keystore=C:/Users/Exampleuser/.ssl/user.jks" 
     322 
     323Most Windows users do not have X11 installed, which creates some difficulty with the "Login to node" menu option. Flukes has a property that is Windows-specific in the .flukes.properties file, "putty.path". This allows specifying the path to the PuTTY ssh client. It is recommended that Windows users download and install this client, using the full installer provided here: [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html]. Please choose the binary on the line beginning with word "Installer:" 
     324 
     325Key format differences - PuTTY versus OpenSSH. The prevailing OS used on virtual or physical nodes in ExoGENI is Linux, which expects SSH keys in OpenSSH format. PuTTY has its own format, which differs from that of OpenSSH. The solution is to use the PuTTYGen tool included in the PuTTY installation to generate keys for use with ExoGENI. Directions on how to do so are [wiki:flukes_on_windows here.] 
     326 
    317327== Gotchas == 
    318328 
     
    327337 * In order to resolve this issue, please download and install XQuartz from: [http://xquartz.macosforge.org/landing/] 
    328338 * Once you have installed XQuartz, you will need to ensure that the "xterm.path" property in your .flukes.properties looks like this: '''xterm.path=/opt/X11/bin/xterm''' 
    329  
    330 3. Flukes on Windows 
    331  * Windows poses some challenges for Java applications (like Flukes), primarily from the perspective of specifying paths. In Java properties files, the "\" character, which is used as a path separator in Windows, is treated as an "escape" character (which means that it has special properties for changing the meaning of a single character immediately following it). 
    332  * The resolution to this issue is to use the "/" character for any path specified in a Java properties file on Windows, rather than "\". For example, "C:\Users\Exampleuser" would be written as "C:/Users/Exampleuser" instead. 
    333  
    334  * Another issue on Windows is a long-standing Java bug with the discovery of the user's home directory; the bug itself is described here: [http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4787931] 
    335  * Flukes provides the convenience of using the Unix convention of specifying a path that is rooted in the user's home directory by beginning the path with "~/". This can cause Flukes to run into this Java bug. If this problem is encountered, it can be worked around by specifying the full path to files, rather than relying on the "~/" convention; for example, "user.keystore=~/.ssl/user.jks" would become "user.keystore=C:/Users/Exampleuser/.ssl/user.jks" 
    336  
    337  * Most Windows users do not have X11 installed, which creates some difficulty with the "Login to node" menu option. 
    338  * Flukes has a property that is Windows-specific in the .flukes.properties file, "putty.path". This allows specifying the path to the PuTTY ssh client. It is recommended that Windows users download and install this client, using the full installer provided here: [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html] 
    339  * Please choose the binary on the line beginning with word "Installer:" 
    340  
    341  * Key format differences - PuTTY versus OpenSSH 
    342  * The prevailing OS used on virtual or physical nodes in ExoGENI is Linux, which expects SSH keys in OpenSSH format. PuTTY has its own format, which differs from that of OpenSSH. 
    343  * The solution is to use the PuTTYGen tool included in the PuTTY installation to generate keys for use with ExoGENI. Directions on how to do so are [wiki:flukes_on_windows here.]